Researchers discover vulnerabilities in globally used authentication protocol OAuth 2.0
Tue 12 Jan 2016
Researchers from the University of Trier have identified vulnerabilities in the OAuth 2.0 authentication protocol, which is trusted to handle billions of internet logins every day on major sites such as Facebook, PayPal and Google+.
OAuth 2.0 is not only one of the most used security protocols on the web, but also the foundation for the forthcoming SSO system OpenID Connect, which launched its first certification procedures in April of 2015. Sites and platforms which do not use it directly use larger sites – particularly Facebook and Google – as authentication guarantors, making any successful exploit a single point of failure for a wider range of services.
In A Comprehensive Formal Security Analysis of OAuth 2.0 [PDF] researchers Daniel Fett, Ralf Küsters and Guido Schmitz outline two principal attack scenarios, including one in which single sign-on login credentials could be intercepted, allowing a hacker to capture a user’s identity.
In the first of these scenarios, identity providers (IdPs) that answer the login form with an HTTP 307 Temporary Redirect unknowingly forward the user’s credentials, such as a username and password combination, to the attacker. The second permits direct impersonation of the victim:
“This severe attack is caused by a logical flaw in the OAuth 2.0 protocol and depends on the presence of a malicious IdP. In practice, OAuth setups often allow for selected (and thus hopefully trustworthy) IdPs only. In these setups the attack would not apply. The attack, however, can be exploited in OpenID Connect, which, as mentioned, builds directly on OAuth.”
The paper’s proposed fix for this particular scenario is to revise OAuth 2.0 so that IdPs use only HTTP 303 redirects when sending the browser back to the relying party, since a 303 is the only redirect status that reliably stops the browser from re-sending the HTTP POST request, and the credentials it carries, to the redirect target.
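As an added illustration, not code from the paper or from this article, the following Python model runs a login POST through a simplified IdP and the browser redirect rules of RFC 7231, then checks what arrives at the RP’s callback; every URL, credential and code value is constructed, and the IdP’s credential check is assumed to succeed.

```python
from dataclasses import dataclass, field
from typing import Optional
from urllib.parse import urlencode

@dataclass
class Request:
    method: str
    url: str
    body: dict = field(default_factory=dict)

@dataclass
class Response:
    status: int
    location: Optional[str] = None

# Constructed sample endpoints (not real hosts).
IDP_LOGIN_URL = "https://idp.example/login"
RP_CALLBACK = "https://rp.example/callback"

def idp_login(req: Request, redirect_status: int) -> Response:
    """IdP login endpoint: the browser POSTs the form; after an (assumed successful)
    credential check the IdP redirects to the RP's redirect_uri with the authorization code."""
    query = urlencode({"code": "CONSTRUCTED-AUTHZ-CODE", "state": req.body["state"]})
    return Response(redirect_status, location=f"{req.body['redirect_uri']}?{query}")

def follow_redirect(req: Request, resp: Response) -> Request:
    """Browser behaviour per RFC 7231.
    303: always a GET to Location, request body dropped.
    307 and 308: method and body replayed unchanged, so a POSTed form is re-sent to the new target.
    302: the spec permits but does not require switching to GET, so it gives no guarantee."""
    if resp.status == 303:
        return Request("GET", resp.location)
    if resp.status in (307, 308):
        return Request(req.method, resp.location, dict(req.body))
    raise ValueError(f"redirect {resp.status}: behaviour not guaranteed by the spec")

def request_seen_by_rp(redirect_status: int) -> Request:
    """Run the login POST through the IdP and the browser redirect; return what reaches the RP."""
    login = Request("POST", IDP_LOGIN_URL,
                    {"username": "alice", "password": "correct horse",  # constructed credentials
                     "redirect_uri": RP_CALLBACK, "state": "s3cr3t-state"})
    return follow_redirect(login, idp_login(login, redirect_status))

def credentials_leaked(redirect_status: int) -> bool:
    """Defender's check: did the user's password travel to the RP alongside the authorization code?"""
    return "password" in request_seen_by_rp(redirect_status).body

if __name__ == "__main__":
    for status in (307, 303):
        r = request_seen_by_rp(status)
        print(status, r.method, r.url, "LEAKED" if credentials_leaked(status) else "clean")
```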
The attack that the paper calls ‘IdP Mix-Up’ deceives the relying party (RP) about which IdP was chosen at the beginning of the authentication flow, permitting the theft of an authorization code or access token – which enables impersonation of the victim via a standard man-in-the-middle (MitM) attack against the IdP.
The research group have devised and tested proposed solutions to both vulnerabilities found, and have reported both to the relevant parties.